Smart R demystifies the access control card jargon
Share this content
If you are an installer competing for a high security or mission critical Access Control project, you might feel overwhelmed by the number of card technologies you will need to choose from to provide your end user clients with the level of security functionality and convenience they require.
Whatever cards are specified, they are all primarily intended to do the same thing, i.e. allow you to control who is allowed to go where and when. Most access control cards are credit card size, but many of the card technologies can also be incorporated into fobs, wrist bands or adhesive patch tags.
In the beginning, (well almost), there was ‘Magstripe’. Having been adopted by banks and becoming part of all our lives, Magstripe cards quickly became acceptable for access control purposes.
At the time of their introduction several decades ago, these types of cards were considered as the ultimate in user friendliness and were thought to offer a level of security which would persuade most businesses to abandon the use of locks and keys.
Nowadays, magnetic stripe cards are ‘cheap as chips’, but it is worth bearing in mind that having to swipe a card through a reader, causes cards to ‘wear out’ and is relatively time-consuming and inconvenient when compared to other types of available cards. This is particularly so if a card holder is likely to be carrying a bag, package or other objects.
Most of us will remember seeing a retail store cashier frustratingly swiping a card fast, then slow or even several times through a reader. The desire for a more consistent and reliable card process, together with the availability of ‘hacking’ technology which made it all too easy to duplicate Magstripe cards, created a niche for Dr John Wiegand to develop his ‘Wiegand effect’ wire filaments into a swipe card. This was so difficult to build, it was almost impossible to duplicate.
Dr John’s legacy lives on as the Wiegand communication protocol and card data formats are still used by most access control systems.
RFID is the acronym for ‘radio-frequency identification’, the base technology incorporated into ‘proximity’ which can be read without the card coming into contact with the access control reader.
Low frequency 125kHz Proximity was one of the first contactless card technologies to be introduced and continues to be a popular choice. These hold as much information as a magnetic stripe card, but they have a read range of up to 50cm, which is likely to be more than adequate for most users who may wish to gain access to restricted areas without having to remove their card from their purse or wallet. These cards are read-only which ensures a fast response at the reader.
Contactless Smart Cards – Chip Serial Number
Utilising the higher 13.56MHz frequency, most contactless smart cards need to be within 10cm of the reader to be read. The ISO 14443 standards dictated that all Contactless Smart Cards need to transmit their Chip Serial Number to any CSN compatible reader with no encryption or password protection. This serial number is also known as NUID (Non-unique ID) in respect of the first generation of cards which had a 32-bit serial number.
However, with all variations of these 32-bits having been issued, it was decided that a larger 56-bit CSN, known as UID (Unique ID), should be adopted, at least until all of its variations have been issued.
This provides a low-cost access control card if you can put up with the inconvenience of having to present each and every card to a reader to learn/enrol the CSN on your system.
Professional level access control systems should not just rely on the CSN of a card for access control. They should also have encrypted communication and the ability to protect the programmed card ID data by using digital keys. The programmed data is known to the card issuer without the need for them to physically present a card to a reader and this therefore makes the administration of card records much simpler and faster. The additional security and convenience provided by secure programming far outweighs the small additional cost of Smart R secure programming service.
The higher frequency of 13.56MHz allows a fast transfer of read and write data between cards and readers for multiple secure applications. These include Time & Attendance and cashless vending, as well as the implementation of strict control over the use of PCs, printers and photocopiers, all of which can store their data which is secured by their own digital-keys and encryption. 13.56MHz is also the preferred choice for transport fare collection type applications.
What does the future hold?
In a COVID-19 affected world, it has become more important than ever to strictly manage the movement of contractors, suppliers and visitors. Access control readers which are able to process unique QR codes offer a highly efficient way of providing temporary access credentials. These can be sent by email and added to a mobile phone’s wallet or they can be scanned directly from the email when the recipient arrives at a building.
Frictionless access control is likely to become a must for many businesses who want to create a hygienic working environment for colleagues and visitors. Fortunately, technology has come to the rescue for companies who want to upgrade their existing systems to support mobile credentials, without having to incur the cost and disruption of replacing existing card readers. Safetrust, for example, have incorporated Bluetooth Low Energy (BLE) into their Sabre Decal modules which can be retrofitted to HID proximity card readers and these are capable of reading encrypted mobile credentials securely stored on a wallet application, which can be run on an Android or iOS smartphone or tablet.
By Neill Williams, Director of Smart R Distribution